Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!husc6!bu-cs!encore!bzs@xenna From: bzs@xenna (Barry Shein) Newsgroups: comp.unix.wizards Subject: Re: Reasons for restricting su privilege? Keywords: su, restricted-su Message-ID: <3948@encore.UUCP> Date: 22 Oct 88 18:56:56 GMT References: <6606@pyr.gatech.EDU> Sender: news@encore.UUCP Reply-To: bzs@xenna (Barry Shein) Organization: Encore Computer Corp Lines: 55 In-reply-to: david@pyr.gatech.EDU (David Brown) > I'm having a problem convincing some of the people around > here of the dangers of having several super users. One of > our faculty members insists upon having the privilege, > for whenever one of the normal super users isn't around. I've > tried every argument I know, all to no avail. Any hints? > Any new arguments? For that matter, give me the old arguments. > I'm not asking for detailed 'holes', all I want are valid reasons > for restricting the su privilege. You're looking for a way to turn a technical bludgeon into a political one, always a tricky bit of alchemy. I generally wasn't too nervous about people with some technical competence having privs on a multi-user system. Ultimately it's up to the user community of the system (ie. the ones who might be adversely affected), or whoever really should have the say, sounds like your real problem is you haven't developed any authoritative way to settle such an issue so you bicker. Perhaps if there was some such thing they'd take away your privileges :-) One thing I usually pointed out was that if you can't take the heat you'd be better off staying out of the kitchen (coupled with trying to understand why exactly the person believes s/he needs privs on the system.) That is, if ya break something, you'll fix it. If you screw someone else that fact will be pointed out in public (ie. to the user and users affected), just as with anyone with such privs. There has to be some accountability when one gives the keys to the asylum to the inmates. Sometimes all they really wanted was to be able to unf**k the printer or some such which could usually be done with a setuid program I could throw together. Sometimes it was just frustration that operations folks weren't doing *their* job properly (ie. calling and asking for a printer to be unf**d would draw a blank), so some training was in order. Sometimes it was just an inability to accept that occasionally things go awry and having privs is not some magic key to power over computers, at least not in the wrong hands. Sometimes they needed them and could be trusted with them so what the heck, especially if it was their system anyhow and they were willing to be accountable to their user community and the other admins. If not then you're screwed, your political situation is untenable, they can come into the lab, throw glassware and chemicals about, use expensive equipment as field hockey pucks and you've got to clean up and get things right again when they're finished and keep serious users of the "lab" happy. Too bad, yer dead meat. On the other hand one has to be somewhat sensitive to feelings of being treated like a child or an idiot, throwing in the accountability with the privileges should accomplish that, after all, that's all you're really trying to get across (right?!) "With rights come responsibilities" -Barry Shein, ||Encore||